Tip

Top 10 command-line commands for managing Windows 7 desktops

While graphical user interfaces are great for many tasks, command-line functions can be just as powerful and vastly more efficient -- especially for scripting tasks.

Here are my top 10 favorite command-line

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

commands for Windows 7. Each command is native on the operating system so you don't need special software. Administrative access may be required for some of them.

1. Checking the IP addresses on the local system
One of the most frequently used command by IT professionals is ipconfig /all, which displays the active Internet Protocol (IP) addresses, Media Access Control (MAC) address, default gateway, Dynamic Host Configuration Protocol (DHCP) status and more for each network interface on the computer.

ipconfig /all

Related commands:

  • ipconfig /release -- releases currently assigned IP addresses
  • ipconfig /renew -- acquires IP addresses from a DHCP server

2. Clearing the DNS cache on the local computer
The ipconfig /flushdns command clears the domain name server (DNS) cache stored on the local computer. It's often used when the internal network or external resources can't be accessed because of corrupted DNS data.

ipconfig /flushdns

Related commands:

  • ipconfig /displaydns -- displays the current DNS cache
  • net start (or stop) dnscache -- turns on (or off) the local DNS cache client, flushing the DNS cache. Turning off the cache allows the system to resolve addresses: Each address will be resolved each time a request is made, rather than saving the IP address for that host.

3. Querying group policy settings
Group policy settings determine how the computer is configured for system and user settings. Because these settings can be configured centrally from a domain controller -- as well as locally from the computer itself -- determining the actual "in-use" policy can be tricky. The gpresult /r command displays the "resultant set of policy," including when the policies were last processed and the actual settings for computer and user policies.

gpresult /R

For remote computers:
gpresult /S computername /U username /P password /R

Related commands:

  • gpresult /H filename.html -- creates an HTML-formatted view of the group policy settings

4. Refreshing group policy settings
Changing group policy settings on the domain controller allows endpoint systems to receive the updates the next time they refresh their policy -- anywhere from 20 to 90 minutes later. To speed up this process and obtain the new settings immediately, force the update with this command

gpupdate /force

5. Shutting down a computer
When performing systems management routines such as installing patches, it may be necessary to shut down and/or restart the system in a scripted manner. The shutdown command will turn off a local or remote computer -- giving one minute's notice to the logged on user.

shutdown /s

For remote computers:
shutdown /m \\computername /s

Related commands:

  • shutdown /r -- performs shutdown and restart
  • shutdown /a -- aborts a shutdown
  • shutdown /r /t 120 /c "Shutting Down for maintenance" /f /d p:4:1 -- performs a shutdown in 120 seconds, gives a message to the user, forces applications closed and notes the shutdown reason in the event log

6. Query the audit settings
The auditpol command can query and set audit settings on the local computer. For security auditing, it can be very useful to run this command on each machine and review the results.

auditpol /get /category:*

Related commands:

  • auditpol /get /category:* /r -- outputs results to CSV format

7. Perform a Windows Update check in
The Windows Update/Automatic Update client typically checks in with Microsoft (or a local Windows Server Update Services server) every 22 hours. If you want to force a check-in sooner, run the following command.

Note: This command-line script does not give any user feedback to the screen.

wuauclt /detectnow

8. Query the status of services
Use the SC command to see the services installed on a computer and if they are currently active.

sc query state= all

For remote computers:
sc \\computername query state= all

Related commands:

  • sc query service_name -- queries a specific service
  • sc qc service_name -- obtains configuration information for a specific service
  • sc \\computername stop service_name -- stops a service on a remote computer
  • sc \\computername start service_name -- starts a services on a remote computer

9. Query the status of the Windows Firewall
Windows Firewall has different settings for different connection types -- a public profile for when you're connected to the Internet, a private profile for when you're connected to an internal network, and a domain profile when you're connected to the corporate network. It's important to understand which firewall settings are in use for each profile.

netsh advfirewall show allprofiles

For remote computers:
netsh -r computername advfirewall show allprofiles (Note: Remote registry access must be available on the remote computer for this command to work.)

Related commands:

  • netsh advfirewall set allprofiles state off -- turns off the firewall for all states
  • netsh -r computername advfirewall set publicprofile state on -- turns on the remote computer's firewall for the public profile.
  • netsh -r computername advfirewall set privateprofile state off -- turns off the remote computer's firewall for the private profile.

10. Execute a command against a group of computers
With the FOR command, you can execute commands against a series of computers or IP addresses. This can be a useful way to perform scripted actions against remote computers in a large network space.

To query the firewall state for all computers in a Class C network and save results to individual filenames, enter the following:
FOR /L %i IN (1,1,254) DO netsh -r 192.168.1.%i advfirewall show allprofiles >192.168.1.%i.firewallstate.txt

Substitute your favorite remote command-line commands in place of the netsh command above.

Example:
FOR /L %i IN (1,1,254) DO gpresult /S 192.168.1.%i /F /H 192.168.1.%i.gpresult.html

For more information about any of the above commands, type the command at the command-line followed by /?.

ABOUT THE AUTHOR:   
Eric Schultze
Eric Schultze is an independent security consultant who most recently designed Microsoft patch management solutions at Shavlik Technologies. Prior to Shavlik, Schultze worked at Microsoft, where he helped manage the security bulletin and patch-release process. Schultze likes to forget that he used to work as an internal auditor on Wall Street.

This was first published in March 2010

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.